IT Security Weekend Catch Up – January 23, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. EU wants to build its own DNS infrastructure with built-in filtering capabilities
  2. UK gov’t plans publicity blitz to undermine privacy of your chats
  3. Austrian DSB: Use of Google Analytics violates “Schrems II” decision by CJEU
  4. It’s time for a new EU-US data transfer framework
  5. Cybercriminals fear more law enforcement action in the wake of the REvil takedown
  6. Unhappy New Year for cybercriminals as goes offline
  7. Nigerian cybercrime fraud: 11 suspects arrested, syndicate busted
  8. Hackers can access trove of stolen credentials on VirusTotal
  9. Sophisticated cyber-attack targets Red Cross Red Crescent data on 500,000 people
  10. finally admits it lost $30 million in hack

For the more technical

  1. Exploiting IndexedDB API information leaks in Safari 15
  2. About the security content of iOS 15 and iPadOS 15
  3. Microsoft releases emergency fixes for Windows Server, VPN bugs
  4. Why you shouldn’t set these 25 Windows policies
  5. Cryptography dispatches: The most backdoor-looking bug I’ve ever seen
  6. Chrome patches critical RCE vulnerability in Safe Browsing
  7. 84,000 WordPress sites affected by three plugins with the same vulnerability
  8. WordPress vulnerabilities more than doubled in 2021 and 77% of them are exploitable
  9. Busting Box’s MFA methods
  10. CVE-2021-45467: CWP CentOS Web Panel – preauth RCE
  11. The state of healthcare IoT device security 2022 (PDF)
  12. Spray365 – a password spraying tool that identifies valid credentials for Microsoft accounts
  13. Telegram: A cybercriminal hotspot – compromised financial accounts
  14. Cross-country exposure. Analysis of the MY2022 Olympics app
  15. Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks
  16. Cybersecurity for industrial control systems – part 1 & part 2
  17. Spamhaus botnet threat update: Q4-2021
  18. MoonBounce: the dark side of UEFI firmware
  19. New ransomware spotted: White Rabbit and its evasion tactics
  20. FBI links Diavol ransomware to the TrickBot cybercrime group (PDF)
  21. Linux-targeted malware increases by 35% in 2021: XorDDoS, Mirai and Mozi most prevalent
  22. DoNot Go! Do not respawn!
  23. Earth Lusca employs sophisticated infrastructure, varied tools and techniques

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *